Posts Tagged: alphassl

The “SSL Seal Code” admin setting allows you to display information related to your site’s security on the Membership Checkout page. It provides users with a way to validate your site’s SSL Certificate or relationship with other security partners for increased peace of mind when using your checkout forms.

This post covers how to add content to that field to display alongside the “Payment Information” section of Membership Checkout.

Note: This field is NOT for the actual SSL certificate, which must be installed on your web server either by your web hosting company or yourself. Read more about SSL and Paid Memberships Pro »

Using Your SSL Provider’s “Seal Code”

Most SSL Providers offer an image-based or JavaScript-based link that you can display on your site. When a visitor clicks this link, they will see a popup or be taken to an external page that shows specific security information about your website.

If the code provided by your SSL issuer is basic HTML (a link and image tag), you can simply copy place this code directly into the “SSL Seal Code” field on the Memberships > Payment Gateway & SSL” admin page.

If the code provided by your SSL issuer includes the script, you must use custom code to display the seal. Allowing text fields in the WordPress admin to accept script tags exposes your site to security vulnerabilities, including cross-site scripting attacks.

Below is an example method to insert an SSL Seal provided by AlphaSSL:

Where to Find Your SSL Provider’s Seal Code

Here are links to the top SSL providers used by Paid Memberships Pro members. The page will have a block of code, either an image and link or a block of JavaScript, that you can use on your site using the appropriate method outlined above.

Other banners and verification images

Depending on your gateway, you may want to include other “powered by” or “verified” type badges, such as a PayPal or Stripe logo. We use Stripe as our payment gateway, so I also recently added a “powered by stripe” image to that page.

Here are some links to verified and banner images for various gateways and third party security providers:

You must embed these badges using a relative URL or the https protocol if you upload them to your site’s media library. If you don’t, you’ll be loading insecure content through an insecure connection (no green padlock!).

Again, note that if the provided “verified” banner or image is loaded via the script tag, you must use the custom code as outlined above to display the content. Allowing text fields in the WordPress admin to accept script tags exposes your site to security vulnerabilities, including cross-site scripting attacks.

A note about “shared” or “free” SSLs

You cannot use a shared SSL on your Paid Memberships Pro-powered website. Additionally, if you have a network site where the URL structure uses subdomains (i.e. https://www.paidmembershipspro.com and https://demo.paidmembershipspro.com), you must either install a unique SSL for each subdomain or purchase a Wildcard SSL to cover all subdomains.

60,000+ membership sites use Paid Memberships Pro to #GETPAID.

We’re 100% GPL

Our plugin's code is not obfuscated, runs on as many sites as you want and can be customized to fit your project's needs. We just ask that you follow the GPLv2 guidelines by applying the GPLv2 license to any altered or unaltered version of PMPro that you distribute. Thanks!